| View previous topic :: View next topic |
| Author |
Message |
MXB
-
Joined: 24 Apr 2006
Posts: 9
|
 Posted: Fri May 29, 2009 6:06 pm Post subject: How to make one directory public and all others private? |
 |
|
How to setup some IP Address Control rule that:
| Quote: | Open just one specified directory for publicly access.
And block all IPs except Local addresses to access all other directories. |
My settings are down here:
Is there something wrong?
When I access any directory of my site by an web proxy (to emulate public access), I got an 403 Error.
_________________
  Ah Ha! |
|
| Back to top |
  |
 |
aprelium-support
-
Joined: 20 Feb 2009
Posts: 356
|
| Posted: Tue Jun 02, 2009 10:16 am Post subject: |
|
|
MXB,
According to your settings, the order "Deny/Allow" for the virtual path "/public" will deny all connections. We suggest that you change it to "Allow/Deny".
In addition the "/" rule will deny connections for the "/public" virtual folder because "/public" is a special cas for "/".
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
 |
|
MXB
-
Joined: 24 Apr 2006
Posts: 9
|
| Posted: Tue Jun 02, 2009 12:18 pm Post subject: |
|
|
Thanks for reply.
| aprelium-support wrote: |
We suggest that you change it to "Allow/Deny".
|
I read the User's Guide. By changing to this order("Allow/Deny") is Deny by default, right? I tried, seems not fits my needs.
Maybe my description in previous post was not clear enough.
If my htdocs dir contents dirs such as:
/public
/abc
/test1
/demo
/cms
/lib
...
/privateN
I want /public be public; all others (/abc,/test1,/demo ... /privateN) be private.
I want browse those dirs just on local machine for testing purpose
and, needn't modify settings while adding new dirs.
Is that possible?
_________________
Ah Ha! |
|
| Back to top |
|
|
aprelium-support
-
Joined: 20 Feb 2009
Posts: 356
|
| Posted: Wed Jun 03, 2009 9:26 am Post subject: |
|
|
MXB,
Unfortunately, you need to configure the folders one by one for security issues.
The other possible solution is to use regular expressions:
http://www.aprelium.com/abyssws/articles/regex-basics.html
For example, you can can rename any private directory "folder" to "rfolder" (r for restricted) and create a rule to restrict access to every virtual path that matches the pattern "/r*".
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
|
|
MXB
-
Joined: 24 Apr 2006
Posts: 9
|
| Posted: Tue Jun 09, 2009 6:23 am Post subject: |
|
|
| aprelium-support wrote: |
The other possible solution is to use regular expressions:
http://www.aprelium.com/abyssws/articles/regex-basics.html
For example, you can can rename any private directory "folder" to "rfolder" (r for restricted) and create a rule to restrict access to every virtual path that matches the pattern "/r*". |
Did you mean put "/r*" in URL Rewriting Rules? Maybe you missed a dot(.) in "/r*"?
"/r.*" works.
----------
Anyway, it is strange that "/r*" will match all paths? why?
in rewrite.log
| Quote: | ----------------------------------------------
Request URI=[/]:
Rule #1: Regex [/r*] matches with the request URI
Testing the conditions:
REMOTE_ADDR (value: [127.0.0.1]) != [127.0.0.1] => FALSE
The conditions are not verified (FALSE).
===> No rule matches.
----------------------------------------------
Request URI=[/favicon.ico]:
Rule #1: Regex [/r*] matches with the request URI
Testing the conditions:
REMOTE_ADDR (value: [127.0.0.1]) != [127.0.0.1] => FALSE
The conditions are not verified (FALSE).
===> No rule matches.
----------------------------------------------
Request URI=[/restricted/]:
Rule #1: Regex [/r*] matches with the request URI
Testing the conditions:
REMOTE_ADDR (value: [127.0.0.1]) != [127.0.0.1] => FALSE
The conditions are not verified (FALSE).
===> No rule matches.
----------------------------------------------
|
Why "/","/favicon.ico","/restricted/" all match with "/r*"?
_________________
Ah Ha! |
|
| Back to top |
|
|
aprelium-support
-
Joined: 20 Feb 2009
Posts: 356
|
| Posted: Tue Jun 09, 2009 10:11 am Post subject: |
|
|
MXB,
We apologize about the confusion. The "/r*" is just a pattern that means a string followed by something. It is not a regular expression.
The regular expression that you need is "^/r".
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
|
|
MXB
-
Joined: 24 Apr 2006
Posts: 9
|
| Posted: Tue Jun 09, 2009 1:53 pm Post subject: |
|
|
aprelium-support,
I'm sorry I missed the "^" in "^/r.*".
I tried fill "b/b" in "Virtual Path Regular Expression" filed and tested.
It matches path "/tab/bed/".
----It seems----
Just need one part of a string matches with the given Regular Expression to make the rule TRUE.
"^/r" and "^/.*" mostly have the same mean in "Virtual Path Regular Expression" unit in Abyss Web Server.
"/r*" should works in "IP Address Control"-"Virtual Path" unit, as a Pattern to match any path start with "/r"
If fill it in "Virtual Path Regular Expression" filed, will match any "/" in any path.
-----------------
Sorry, I am unfamiliar with Regular Expression.
Here's my Regular Expression for the case in first post:
^(?!/public(?:$|/.*?)).*?$
I tested,
Hope it truly right for Abyss Web Server.
_________________
Ah Ha! |
|
| Back to top |
|
|
|
@abyssws